Tackling Counterfeit Drugs in the Global Pharma Supply Chain
Global sales for counterfeit drugs cost businesses billions of dollars per year. Drug counterfeiting affects human lives, business reputation, and return on investment for the entire pharmaceutical industry. According to the World Health Organization, it is estimated that up to 30% of pharmaceutical products sold in emerging markets are counterfeit, and about 1 million people lose their lives each year due to counterfeit medication.
Lakshmi Shastry, Blockchain Architect at Brillio, explains the impact this issue has on the pharmaceutical supply chain, including recent regulations and what’s needed to address these industry challenges head-on. Lakshmi is also participating in a webinar hosted by Digital Asset on March 31st to discuss this topic with Guido Rijo, Vice President, Supply Chain Digital Transformation at Johnson & Johnson.
The pharmaceutical supply chain faces several challenges: numerous stakeholders with complex demands, lack of end-to-end process transparency, time sensitive and unorganized data. The complexity of data quality only increases due to the number of internal and external stakeholders adding and changing data as drugs are researched, developed, and produced. It is difficult to monitor and validate information correctness while securing that information against human error and missing documentation. There is also the concern of opaque transactions. To date, manufacturers, logistics companies, wholesalers, and pharmacists have little to no visibility on the authenticity and quality of a drug in transit.
The US Drug Supply Chain Security Act (DSCSA) and the international Global Traceability Standard for Healthcare (GTSH) regulations are intended to protect consumers from counterfeit drugs. DSCSA requires pharma supply chain vendors to collaborate through an electronic, interoperable system that verifies a returned product's authenticity before resale and track and trace all prescription drugs.
One of the core requirements of DSCSA is that every prescription medication must have a unique product identifier which takes the form of a 2D barcode. These federally mandated barcodes serve as foundational building blocks for a common data model.
Following the requirements set forth by the DSCSA, the FDA openly called for pilots to address three main challenges of the legislation:
- Establishing a product identifier
- Quality barcodes
- Achieving interoperability
High Level Architectural Considerations
A digital system is needed to securely record transactions across this complex multi-party supply chain network. Desirable properties of such a system include:
- Create a definition of rights and obligations for each actor so that the data is tamper-proof, near-real-time and auditable.
- Promote privacy and confidentiality of each party's data.
- Maintain visibility into a single version of truth,
- Allow interpretability across the diverse technology stacks of each party engaged in the supply chain.
This single version of truth and data integrity across parties will cancel out double counting and reveal possible instances of counterfeiting, diversion, spoofing, or man-in-the-middle attacks. From a physical deployment perspective, we can realize such a solution in two ways.
- Hosted centrally by a trusted third party with every other party connecting into this centralized system using APIs. While this model has been used for decades and is not new to us, it does have a major drawback in that every party has to maintain its copy of the data (or subset) for its operational processes. As time moves forward, the cost of constant reconciliations with this centralized system takes us back to the very problem we set out to solve. Such a solution also runs into regulations related to data domicile requirements, necessitating multiple data stores for such data and requiring associated reconciliations.
- The alternative is to leverage emerging technology such as Daml smart contracts that allow the creation of mutualized multi-party workflows by modeling each party's rights and obligations. The output of these workflows is smart contracts that can reside on various data storage mechanisms ranging from a decentralized blockchain to traditional databases. Every party on the multi-party workflow can access the same real-time information even though the physical data may be in multiple locations to meet data domicile regulations. In this model enabled by Daml, individual parties do not need to maintain separate offline copies for their operational processes.
Given the obvious benefits of the second approach above, we will outline it in more detail below.
Business Process Overview
For those unfamiliar with Daml, it is an open-source, cross-platform smart contract runtime designed specifically for building distributed, multi-party workflows, and allows applications to work across multiple platforms with the ability for ledger interoperability. The Daml integrations, APIs, and runtime feature built-in safeguards that protect data integrity and privacy and help create an interoperable system in which multiple parties can connect, verify, and transfer pharmaceutical products with absolute trust in their authenticity, provenance and financial transactions. Daml helps as an augmented system with a Single Reference Smart Contracts Store, i.e., logical views of the same golden source based on confidentiality and access controls, multi-party shared common business process, and complete privacy between applications. Daml provides benefits beyond traditional technology, positioning users as the provider of choice with the given market.
Using Daml, all authorized stakeholders have transparency over the end-to-end drug delivery process.
At each stage, a barcode is scanned and recorded onto a smart contract, which rests either on a blockchain or a series of connected databases managed by Daml interoperability. These records create the audit trail for the drug journey. It can track every delivery, with the delivery driver traced through biometric measures. Every checkpoint involving the drug can be measured and recorded through several tools. It can also incorporate sensors into the supply chain with temperature or humidity recorded onto the ledger system. With a drug fully tracked from creation to patient, the supply chain becomes a holistic, accurate, audited, and secure process.
Smart contracts enable shared workflows, real-time information flow, and transparency with the ability to extend into the value chain, bridging silos within and between enterprises and reducing risks. End-to-end traceability and tracking enables trust among all involved parties for product integrity, item level fidelity, prompt recalls, incident investigations, dispute resolutions, and compliances across complex pharma supply chains.
An initiating counterparty specifies contractual conditions, such as a required label with federal mandated 2D barcode, that must be adhered to by all custodians on the supply chain. At any point, i.e., if the device takes a temperature or humidity measurement that is out of range, the smart contract state will update to indicate that it is out of compliance, recording a transaction on the blockchain/database and triggering remediating events downstream.
Using Microsoft Azure as the Underlying Persistence layer
Microsoft Azure combined with Daml offers multiple deployment topologies.
While the centralized record can be stored on one AzureDB using the Daml for AzureDB on PostgreSQL Driver to streamline initial change management, the architecture allows for a future model where each party can then host its own "node" (either an AzureDB or blockchain node) to maintain additional physical privacy and compliance with data domicile requirements. The Daml smart contracts platform automatically manages the multi-party workflow across these individual "nodes" of each party. That is the interoperability property of Daml that creates a network of individual networks, each using their physical storage and applications technology stack.
The Microsoft Confidential Consortium Framework (CCF), a multi-party compute framework that leverages secure enclaves, can also be used to deploy the Daml multi-party workflows. Using CCF enables private and highly performant transactions that can execute with throughput and latency issues similar to a centralized database. The deployment topology operates like a blockchain system without data privacy concerns.
From integration to monitoring, network configurations, smart contract development, privacy and high-performance computing capabilities, Microsoft Azure powers a data-driven approach in digital supply chains for tracing, tracking, and verifying goods.
Brillio's three-step approach using Microsoft AzureDB and Daml is to:
- Build a multi-party network using a rights and obligations model.
- Simplify governance and management respecting each party's technology choices.
- Integrate the solution with existing systems and tools to reduce IT roadmap complexity.
Significant features of such a network can support more flexible confidentiality models, enable control over which authorized party's transactions can be revealed, and improve energy efficiency with simplified proof-of-work and proof-of-stakes algorithms.
The solution architecture we outlined in this blog increases the pharmaceutical drug supply chain's provenance, reduces counterfeits, and ensures compliance with regulations. Leveraging the Daml integration with Microsoft AzureDB and Internet of Things (IoT) technology increases quality compliance and visibility for temperature-sensitive biologics drug logistics. The solution provides a 'chain of custody' for pharma supply chain lifecycle management.
The solution can integrate with external consuming applications for the extension of services that currently require intermediaries. These external processes include insurance, legal, brokerage, settlement services, delivery scheduling, fleet management, freight forwarding, and connectivity with business partners.
Over time, the architecture outlined above allows for the creation of a roadmap where business transactions (e.g., automating payments and transferring ownership between parties) can be onboarded to the core multi-party rights and obligations model. As this model evolves, it can also address the complexity of the CAR T-cell therapy supply chain where a patient is also part of the chain, and both information privacy and supply chain integrity needs to be maintained.
Brillio's Daml for Azure model provides a foundation to create such digitized workflows shared across supply chain business stakeholders, authorities, agencies, and ultimately consumers. Consortium-based applications ingest signals from relevant user interfaces and communicate with consuming apps of businesses across the consortium.
Please connect with me or join our upcoming webinar on March 31st to see how a combination of Daml, IoT, and cloud can overcome current supply chain challenges and power the future of supply chains.